Prevent_Firmware_Rollback

APIs for preventing Rollback of unsafe firmware images.

Data Structures

struct  HiPreventRollbackReqBody_t
 Prevent Rollback request.
 
struct  HiPreventRollbackCnfBody_t
 Confirmation of the Prevent Rollback request.

Detailed Description

APIs for preventing Rollback of unsafe firmware images.

By enabling this feature Device is able to prevent unsafe/outdated firmwares to boot.

Each firmware owns its internal rollback revision number which is compared to an equivalent revision number burned in Device OTP memory. Depending on the comparison result, two cases can occur:

  • Firmware revision number is higher or equal to the OTP number -> the firmware is allowed to proceed
  • Firmware revision number is lower than the OTP value -> the firmware is not allowed to proceed. An Error indication will be returned to the driver indicating the cause of the error (WSM_HI_ERROR_FIRMWARE_ROLLBACK).
Note
The firmware rollback revision number is different that the firmware version. The former is incremented only when some important fixes (i.e. Security patches) are provided by a given version of the firmware,that MUST be applied to Device and should not be reverted. Usually, subsequent firmware versions are supposed to embed the same rollback revision number.

The rollback capability relies on the use of a dedicated API HiPreventRollbackReqBody_t.

All Device drivers supporting Rollback Prevention should send this request just after booting a new firmware. This way, any newer rollback revision number included in a firmware will be burned in the OTP.


Data Structure Documentation

◆ HiPreventRollbackReqBody_t

struct HiPreventRollbackReqBody_t

Prevent Rollback request.

Prevent Rollback asks WLAN firmware to burn a new Firmware Rollback value in a dedicated OTP section.

The new value is encoded in the firmware itself. Once burned, this value will prevent from starting all firmwares whose internal rollback value is lower than the OTP value.

Magic Word is used to prevent mistakenly sent requests to burn the OTP.

Definition at line 696 of file general_api.h.

Data Fields
uint32_t MagicWord Magic Word - should be 0x5C8912F3.

◆ HiPreventRollbackCnfBody_t

struct HiPreventRollbackCnfBody_t

Confirmation of the Prevent Rollback request.

The request might have failed for the following reasons:

  • Wrong magic word value

Definition at line 712 of file general_api.h.

Data Fields
uint32_t Status Confirmation status, see enum HiStatus.